9 matches found
Mitigate Http/2 continuations with Imperva WAF
As the threat landscape continues to grow, with new breaches being announced every day, Imperva continues to stay one step ahead of attackers. HTTP/2 exploits seem to be growing every quarter as more attackers use this vulnerability in new ways. We previously wrote about how Imperva protected its...
Exploit for CVE-2024-27983
This repository builds up a vulnerable HTTP2 Node.js server se...
Exploit for CVE-2023-45288
PoC for CVE-2023-45288 This is a proof-of-concept code for th...
h2 servers vulnerable to degradation of service with CONTINUATION Flood
An attacker can send a flood of CONTINUATION frames, causing h2 to process them indefinitely. This results in an increase in CPU usage. Tokio task budget helps prevent this from a complete denial-of-service, as the server can still respond to legitimate requests, albeit with increased latency. Mo...
GHSA-Q6CP-QFWQ-4GCV h2 servers vulnerable to degradation of service with CONTINUATION Flood
An attacker can send a flood of CONTINUATION frames, causing h2 to process them indefinitely. This results in an increase in CPU usage. Tokio task budget helps prevent this from a complete denial-of-service, as the server can still respond to legitimate requests, albeit with increased latency. Mo...
HTTP/2 CONTINUATION Flood Vulnerability
HTTP/2, a widely adopted web communication protocol, organizes data transmission through a binary framing layer, wherein all communication is divided into smaller messages called frames, each identified by a specific type, such as headers, data, and continuation frames. HTTP/2 HEADER frames...
RUSTSEC-2024-0332 Degradation of service in h2 servers with CONTINUATION Flood
An attacker can send a flood of CONTINUATION frames, causing h2 to process them indefinitely. This results in an increase in CPU usage. Tokio task budget helps prevent this from a complete denial-of-service, as the server can still respond to legitimate requests, albeit with increased latency. Mo...
Degradation of service in h2 servers with CONTINUATION Flood
An attacker can send a flood of CONTINUATION frames, causing h2 to process them indefinitely. This results in an increase in CPU usage. Tokio task budget helps prevent this from a complete denial-of-service, as the server can still respond to legitimate requests, albeit with increased latency. Mo...
PT-2024-2652 · Envoy +1 · Envoy +1
Name of the Vulnerable Software and Affected Versions: Envoy versions 1.29.0 through 1.29.1 Description: The issue is related to the Envoy HTTP/2 protocol stack, which is vulnerable to a flood of CONTINUATION frames. This occurs because Envoy's HTTP/2 codec does not reset a request when header ma...